[Secure-testing-commits] r29088 - data/CVE

Fri, 26 Sep 2014 13:05:38 -0700 

Author: jmm
Date: 2014-09-26 20:04:56 +0000 (Fri, 26 Sep 2014)
New Revision: 29088

Modified:
   data/CVE/list
Log:
kernel updates


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2014-09-26 19:57:28 UTC (rev 29087)
+++ data/CVE/list       2014-09-26 20:04:56 UTC (rev 29088)
@@ -4813,7 +4813,8 @@
        RESERVED
 CVE-2014-5045 (The mountpoint_last function in fs/namei.c in the Linux kernel 
before ...)
        - linux 3.14.15-1
-       - linux-2.6 <removed>
+       [wheezy] - linux <not-affected> (Introduced in 3.12)
+       - linux-2.6 <not-affected> (Introduced in 3.12)
        NOTE: https://lkml.org/lkml/2014/7/21/98
 CVE-2014-5044 [gfortran integer overflows]
        RESERVED
@@ -5863,7 +5864,7 @@
        - libav 6:10.2-1
        NOTE: 
http://git.libav.org/?p=libav.git;a=commit;h=ccda51b14c0fcae2fad73a24872dce75a7964996
 CVE-2014-4608 (** DISPUTED ** Multiple integer overflows in the 
lzo1x_decompress_safe ...)
-       - linux 3.14.9-1
+       - linux 3.14.9-1 (unimportant)
        - linux-2.6 <removed> (unimportant)
        NOTE: 
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=206a81c18401c0cde6e579164f752c4b147324ce
        NOTE: Not exploitable with the block sizes used in kernel images
@@ -8203,6 +8204,7 @@
        NOT-FOR-US: OpenShift
 CVE-2014-3601 (The kvm_iommu_map_pages function in virt/kvm/iommu.c in the 
Linux ...)
        - linux 3.16.2-1
+       [wheezy] - linux <no-dsa> (Will be fixed in next point release)
        - linux-2.6 <removed>
        [squeeze] - linux-2.6 <end-of-life> (Unsupported in squeeze-lts)
        NOTE: 
https://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=350b8bdd689cd2ab2c67c8a86a0be86cfa0751a7
@@ -18109,7 +18111,7 @@
        - linux 3.14.9-1 (bug #746738)
        - linux-2.6 <removed>
        [squeeze] - linux-2.6 <no-dsa> (Too intrusive to backport to 2.6.32)
-       [wheezy] - linux-2.6 <no-dsa> (Too intrusive to backport to 3.2)
+       [wheezy] - linux <no-dsa> (Too intrusive to backport to 3.2)
 CVE-2014-0180 (The wait_for_task function in ...)
        NOT-FOR-US: RedHat CloudForms Management Engine
 CVE-2014-0179 (libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to 
cause a ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to